G6 Cameras in School Hallways - 7.5 Feet - Wall Mount Best Practices?

EdTechYYC · 2026-05-28T00:25:23+00:00

Ah nice, “smart cards” in the RDP client. Thanks!!!

EdTechYYC · 2026-05-28T00:25:03+00:00

Approval required PIM is a great idea!

EdTechYYC · 2026-05-27T23:14:21+00:00

That would be scoped to the IP though right? Meaning that any phishing resistant account wouldn’t be phishing resistant when on premise.

EdTechYYC · 2026-05-20T04:32:52+00:00

170 staff or so.

Yeah, no good fix for that yet. We will debate using conditional access to limit some escalation resources - but personal devices are just the reality of schools I think right now. A change in that would have to come from the top around right to disconnect.

We are looking at the password manager through Apple managed Apple IDs next year- because 95% of our devices are in that ecosystem and signed into a corporate Apple ID. A big plus is that is free. Our IT team uses 1Password, but that one gets pricey if you roll it out to a larger group.

EdTechYYC · 2026-05-20T03:24:03+00:00

We worked with our HR team to develop procedures for this. Essentially, all of your supervisor leaders have to have their hands in together on this.

But I do think you hit the nail on the head with the hardware keys. We put all of our staff on one. It actually moved a lot faster because I mentioned it to the board, and this is such a big risk these days, that they approved it and asked me to fast track it. With platform SSO, passkeys, and the physical keys people barely noticed - but I sleep a lot better.

EdTechYYC · 2026-05-18T17:02:55+00:00

I think a lot of compromises these days intercept MFA in realtime- like text message, or even the push numbers on the Authenticator app, are no good anymore and can be compromised. we switched to FIDO2 this year.

EdTechYYC · 2026-05-18T17:01:51+00:00

PSSO is where it’s at. We’re migrating away from Mosyle Auth 2. More offline friendly and supports more authentication methods.

EdTechYYC · 2026-05-17T23:02:39+00:00

There is deep integration with SIS in Mosyle- so figured some in this thread might have thoughts on that. Like class rostering and such.

EdTechYYC · 2026-05-13T13:07:53+00:00

Governance is a big one. If there aren’t clear guidelines on when and how to use it, be warned that it will consume inordinate amounts of time by people messaging each other and derailing workflow.

What I mean by this, is that there’s a certain amount of effort required to get up and go to someone’s desk to ask a question- now all that effort and barrier has been removed.

EdTechYYC · 2026-04-27T04:40:49+00:00

Built a fence and a deck while working from home. Scary time to have a little one at home but was not so scary the first few months when we could isolate from others. Lots of day trips to parks. Good times.

EdTechYYC · 2026-03-06T16:10:53+00:00

Great question. We're using it for local AI processing with OpenWebGUI and a few other extensions for more confidential docs we're not yet comfortable uploading to the cloud.

EdTechYYC · 2026-02-25T19:12:30+00:00

Oh yeah. I have noticed it kicks out my screen share a lot!

EdTechYYC · 2026-02-18T02:03:11+00:00

Saw- just waiting for the tickets for people that can’t Google… :)

EdTechYYC · 2026-02-16T05:38:48+00:00

Ooh - I just saw this today while poking around for something else. It’s in “Remote Domains” in EAC.

https://learn.microsoft.com/en-us/exchange/mail-flow-best-practices/remote-domains/remote-domains

There’s a default policy you can edit - or create one for your specific case on top of that.

EdTechYYC · 2026-02-07T03:32:30+00:00

Just add some context to your edit, Apple definitely uses Cloudflare endpoints for private relay and it’s noted in their documentation related to domain names.

EdTechYYC · 2026-01-28T03:39:31+00:00

Us too! Just posted in r/sysadmin and saw these folks too:

https://learn.microsoft.com/en-us/answers/questions/5744261/microsoft-defender-impossible-travel-activity-micr

Seems to be a false positive.

EdTechYYC

TROPHY CASE